* [http://code.google.com/p/boomslang/ Boomslang] --- A thin layer of python over matplotlib that makes it easier to do common plots.

* [http://code.google.com/p/boomslang/ Boomslang] --- A thin layer of python over matplotlib that makes it easier to do common plots.

−

* [http://www.cytoscape.org/ Cytoscape]

+

* [http://www.cytoscape.org/ Cytoscape] - Cytoscape is an open source software platform for visualizing complex networks and integrating these with any type of attribute data.

* [http://www.graphviz.org/ Graphviz] - Originally developed by the [http://public.research.att.com/areas/visualization/ AT&T Information Visualization Gorup], designed for drawing connected graphs of nodes and edges. Neato is a similar system but does layout based on a spring model. Can produce output as [[PostScript]], [[PNG]], [[GIF]], or as an annotated graph file with the locations of all of the objects &mdash; ideal for drawing in a GUI. Runs from the command line on [[Unix]], [[Windows]] and [[Mac]], although there is also a [http://www.pixelglow.com/graphviz/ MacOS GUI version].

* [http://www.graphviz.org/ Graphviz] - Originally developed by the [http://public.research.att.com/areas/visualization/ AT&T Information Visualization Gorup], designed for drawing connected graphs of nodes and edges. Neato is a similar system but does layout based on a spring model. Can produce output as [[PostScript]], [[PNG]], [[GIF]], or as an annotated graph file with the locations of all of the objects &mdash; ideal for drawing in a GUI. Runs from the command line on [[Unix]], [[Windows]] and [[Mac]], although there is also a [http://www.pixelglow.com/graphviz/ MacOS GUI version].

* http://tulip.labri.fr/TulipDrupal/ - Tulip is an information visualization framework dedicated to the analysis and visualization of relational data.

See also: http://en.wikipedia.org/wiki/Social_network_analysis_software

See also: http://en.wikipedia.org/wiki/Social_network_analysis_software

Line 69:

Line 72:

* [http://sourceforge.net/projects/ivc/ InfoVis Cyberinfrastructure] - Another graph drawing system written in Java. (2009)

* [http://sourceforge.net/projects/ivc/ InfoVis Cyberinfrastructure] - Another graph drawing system written in Java. (2009)

* [http://www.andrew.cmu.edu/user/krack/krackplot.shtml Krackplot] - "KrackPlot is a program for network visualization designed for social network analysts." (2006; Windows only; no source, apparently)

* [http://www.andrew.cmu.edu/user/krack/krackplot.shtml Krackplot] - "KrackPlot is a program for network visualization designed for social network analysts." (2006; Windows only; no source, apparently)

CAIDA has 15+ years of work visualizing Internet topologies. You may find their tools to be useful:

CAIDA has 15+ years of work visualizing Internet topologies. You may find their tools to be useful:

Revision as of 18:54, 6 November 2011

Although not strictly for forensic purposes, visualization tools such as the ones discussed here can be very useful for visualizing large data sets. As forensic practitioners need to process more and more data, it is likely that some of the techniques implemented by these tools will need to be adopted.

NetMiner - A comprehensive tool for Social Network Analysis. Runs on Windows, with a Linux version under development. $35 for "Express" student version, $250 for "Professional" student version, $950 for "Normal" "Professional" version.

UCINET - A comprehensive package for the analysis of social network data as well as other 1-mode and 2-mode data.

Logster - an ultra-easy software tool to visualize Apache-style logs on a world map.

Clarified Analyzer - Visualizes Network Traffic and allows to drill down from visualizations to the packet level.

Visualization Toolkits and Libraries

C/C++

KDirStat, an open source implementation of Treemaps written in C. (Treemaps are a visualization technique developed at the University of Maryland for visualizing large amounts of multi-dimensional data.) You can find a copy of it in Disk Inventory X and